CVE-2016-6255
Publication date 7 March 2017
Last updated 24 July 2024
Ubuntu priority
Cvss 3 Severity Score
Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to write to arbitrary files in the webroot via a POST request without a registered handler.
From the Ubuntu Security Team
Matthew Garrett discovered that libupnp mishandled POST requests by default. An attacker could use this vulnerability to write files to arbitrary locations in the victim's filesystem, possibly as root.
Status
Package | Ubuntu Release | Status |
---|---|---|
libupnp | 22.04 LTS jammy | Not in release |
20.04 LTS focal | Not in release | |
18.04 LTS bionic |
Not affected
|
|
16.04 LTS xenial |
Fixed 1:1.6.19+git20160116-1ubuntu0.1~esm1
|
|
14.04 LTS trusty |
Fixed 1:1.6.17-1.2+deb7u1build0.14.04.1
|
|
Get expanded security coverage with Ubuntu Pro
Reduce your average CVE exposure time from 98 days to 1 day with expanded CVE patching, ten-years security maintenance and optional support for the full stack of open-source applications. Free for personal use.
Get Ubuntu ProSeverity score breakdown
Parameter | Value |
---|---|
Base score | 7.5 · High |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | None |
Integrity impact | High |
Availability impact | None |
Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
References
Related Ubuntu Security Notices (USN)
- USN-4794-1
- libupnp vulnerabilities
- 15 March 2021